Senior GRC Specialist (Mining)

About the position

Key Responsibilities



 



Governance, Risk & Compliance

• Support the development and maturity of the Group Information Management GRC capability.


• Design and implement integrated governance, risk and compliance frameworks.


• Lead enterprise risk identification, assessment and Risk Exposure Value analysis.


• Develop and implement Business Unit Risk Management Plans.


• Review and strengthen governance controls and risk mitigation strategies.


• Support governance reporting for executive leadership and Board committees.


• Ensure alignment of governance frameworks with enterprise risk strategy.

 



Data Privacy & Regulatory Compliance

• Drive compliance across POPIA, PAIA, GDPR and applicable regulatory requirements.


• Support the Information Officer function and statutory responsibilities.


• Manage regulatory reporting, compliance assessments and Information Regulator submissions.


• Develop and maintain privacy frameworks and controls.

 



Information & Data Governance

• Develop and implement AI Governance and Data Governance frameworks and roadmaps.


• Establish policies and governance structures for emerging technologies.


• Promote responsible use and governance of enterprise information assets.

 



Business Continuity & Resilience

• Support Business Continuity and organisational resilience initiatives.


• Assist with crisis management planning and operational continuity programmes.

 



Skills & Competencies

• Policy & Control Framework Development


• Data Privacy (POPIA / GDPR / PAIA)


• Enterprise Risk Management


• Governance Framework Design


• Information Security Governance


• Regulatory Compliance Management


• AI Governance


• Data Governance


• Business Continuity Management


• Audit & Controls Management


• Risk Analytics & Quantification


• Stakeholder Management


• Change Management


• Organisational Resilience


• Strategic Problem Solving

 


Minimum Requirements:

Education

• Bachelor’s Degree in Information Systems, Computer Science, Governance, Risk Management, Law, or related field.


• Postgraduate qualification advantageous.


• 8+ years of experience within Governance, Risk, Compliance, Information Management or Technology Risk environments.


• Experience within mining, industrial, financial services, or other highly regulated industries preferred.


• Strong experience with enterprise governance and regulatory environments.


• Experience engaging with senior leadership stakeholders.

 



Certificates:

• CISA


• CRISC


• CIPP


• COBIT


• ISO27001


• CGEIT

Desired Skills:

• Governance
• Risk
• Compliance